Bug 1760394

Summary: [RHEL8] cloudinit/net/sysconfig.py write incorrect config for dhcp-stateless openstack subnets
Product: Red Hat Enterprise Linux 8 Reporter: Harald Jensås <hjensas>
Component: cloud-initAssignee: Eduardo Otubo <eterrell>
Status: CLOSED ERRATA QA Contact: xiachen
Severity: high Docs Contact:
Priority: high    
Version: 8.0CC: ailan, bfournie, eterrell, huzhao, jgreguske, knoel, linl, marjones, mtessun, ribarry, xiachen, yacao, yujiang
Target Milestone: rcKeywords: DevelBlocker, OtherQA, TestOnly, ZStream
Target Release: ---Flags: knoel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1760072
: 1811750 1811751 (view as bug list) Environment:
Last Closed: 2020-11-04 02:40:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1760072, 1803095    
Bug Blocks: 1459187, 1811750, 1811751    

Comment 1 Harald Jensås 2019-10-10 12:43:07 UTC 
Upstream merge request: https://code.launchpad.net/~harald-jensas/cloud-init/+git/cloud-init/+merge/373932
Comment 2 Harald Jensås 2019-11-20 18:03:35 UTC 
Upstream commit to fix this merged: https://github.com/canonical/cloud-init/commit/62bbc262c3c7f633eac1d09ec78c055eef05166a
Comment 11 Harald Jensås 2020-03-07 01:49:42 UTC 
I patched the rhel kvm cloud image with cloud-init-18.5-11.el8.eterrell202003061040.noarch.rpm

$ virt-customize \
  -a rhel-8.1-x86_64-kvm.qcow2 \
  --upload cloud-init-18.5-11.el8.eterrell202003061040.noarch.rpm:/root \
  --run-command "dnf update -y /root/cloud-init-18.5-11.el8.eterrell202003061040.noarch.rpm" \
  --selinux-relabel
[   0.0] Examining the guest ...
[   5.1] Setting a random seed
[   5.2] Setting the machine ID in /etc/machine-id
[   5.2] Uploading: cloud-init-18.5-11.el8.eterrell202003061040.noarch.rpm to /root
[   5.2] Running: dnf update -y /root/cloud-init-18.5-11.el8.eterrell202003061040.noarch.rpm
[   7.9] SELinux relabelling
[  22.6] Finishing off

Create image in openstack

stack@neutron-devstack:~$ openstack image create --disk-format qcow2 --file rhel-8.1-x86_64-kvm.qcow2 rhel-cloud-init-test


TEST 1 - SLAAC subnet
---------------------

stack@neutron-devstack:~$ openstack subnet list --network private -f yaml
- ID: a232e1ef-79b3-487f-9442-d86dbd2ebec9
  Name: ipv6-private-subnet
  Network: 1707d548-e7b8-4561-b64d-4679da882066
  Subnet: fd1f:be6c:58b9::/64

stack@neutron-devstack:~$  openstack subnet show ipv6-private-subnet -f yaml -c ipv6_address_mode
ipv6_address_mode: slaac

stack@neutron-devstack:~$ openstack server create --network private --key-name default --image rhel-cloud-init-test --flavor m1.small --security-group default --config-drive True testserver
stack@neutron-devstack:~$ openstack server list -f yaml
- Flavor: m1.small
  ID: 64db4ec9-07fd-475e-99e9-81afc93f365a
  Image: rhel-cloud-init-test
  Name: testserver
  Networks: private=fdf7:911e:fe51:0:f816:3eff:fe35:72fe
  Status: ACTIVE


stack@neutron-devstack:~$ ssh cloud-user@fdf7:911e:fe51:0:f816:3eff:fe35:72fe
The authenticity of host 'fdf7:911e:fe51:0:f816:3eff:fe35:72fe (fdf7:911e:fe51:0:f816:3eff:fe35:72fe)' can't be established.
ECDSA key fingerprint is SHA256:QAQG2FOols2vyy+cXRfU2Ry/jByu4aYQBHXfq0x4Wpg.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'fdf7:911e:fe51:0:f816:3eff:fe35:72fe' (ECDSA) to the list of known hosts.
Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

[cloud-user@testserver ~]$ rpm -q cloud-init
cloud-init-18.5-11.el8.eterrell202003061040.noarch

[cloud-user@testserver ~]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0 
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=none
DEVICE=eth0
HWADDR=fa:16:3e:35:72:fe
IPV6INIT=yes
IPV6_AUTOCONF=yes
MTU=1450
ONBOOT=yes
TYPE=Ethernet
USERCTL=no


*** RESULT: PASS ***



TEST 2 - DHCPv6-stateless
-------------------------

stack@neutron-devstack:~$  openstack subnet show ipv6-private-subnet -f yaml -c ipv6_address_mode
ipv6_address_mode: dhcpv6-stateless

stack@neutron-devstack:~$ openstack server create --network private --key-name default --image rhel-cloud-init-test --flavor m1.small --security-group default --config-drive True testserver

stack@neutron-devstack:~$ openstack server list
+--------------------------------------+------------+--------+----------------------------------------------+----------------------+----------+
| ID                                   | Name       | Status | Networks                                     | Image                | Flavor   |
+--------------------------------------+------------+--------+----------------------------------------------+----------------------+----------+
| cef9e1db-e8d5-4a54-a870-538fe2b046b1 | testserver | ACTIVE | private=fdf7:911e:fe51:0:f816:3eff:fe89:140c | rhel-cloud-init-test | m1.small |
+--------------------------------------+------------+--------+----------------------------------------------+----------------------+----------+

stack@neutron-devstack:~$ ssh cloud-user@fdf7:911e:fe51:0:f816:3eff:fe89:140c
The authenticity of host 'fdf7:911e:fe51:0:f816:3eff:fe89:140c (fdf7:911e:fe51:0:f816:3eff:fe89:140c)' can't be established.
ECDSA key fingerprint is SHA256:2PuslgauD+Sje9GODv1MLRUEB6qpaVTvDQJ1D/xkbt8.
Are you sure you want to continue connecting (yes/no)? yes 
Warning: Permanently added 'fdf7:911e:fe51:0:f816:3eff:fe89:140c' (ECDSA) to the list of known hosts.
Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

[cloud-user@testserver ~]$ rpm -q cloud-init
cloud-init-18.5-11.el8.eterrell202003061040.noarch

[cloud-user@testserver ~]$ cat /etc/sysconfig/network-scripts/ifcfg-eth0 
# Created by cloud-init on instance boot automatically, do not edit.
#
BOOTPROTO=none
DEVICE=eth0
DHCPV6C=yes
DHCPV6C_OPTIONS=-S
HWADDR=fa:16:3e:89:14:0c
IPV6INIT=yes
IPV6_AUTOCONF=yes
MTU=1450
ONBOOT=yes
TYPE=Ethernet
USERCTL=no


stack@neutron-devstack:~$ sudo journalctl -u devstack | grep DHCPINFORMATION-REQUEST
Mar 07 00:43:23 neutron-devstack dnsmasq-dhcp[25457]: DHCPINFORMATION-REQUEST(tapf4cb79de-ea) 00:04:9f:73:29:f9:c0:b2:d1:e2:28:ae:e3:d6:94:b3:e6:69

*** RESULT: PASS ***
Comment 25 errata-xmlrpc 2020-11-04 02:40:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: cloud-init security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4650
Comment 26 xiachen 2021-09-16 03:22:16 UTC 
Raised a GSS rule for BZ#1760394 and BZ#1760072.
https://issues.redhat.com/browse/CEECBA-5808
Comment 29 Brandy Northrop 2024-05-03 13:05:05 UTC Comment hidden (spam)